08-220r1 To: J3 From: Steve Lionel Subject: Comment from Robert Corbett Date: 2008 August 11 Comment: The Fortran 2008 draft allows internal procedures to be pointer targets and dummy arguments. The only practical implementation of the functionality as specified in the current draft requires the use of self-modifying code. Self-modifying code has long been established to be a security problem. Some secure operating systems, such as SELinux and Trusted Debian, can be built in ways that do not allow self-modifying code. Recent versions of Mac OS require users to mark executables that allow self-modifying code. The functionality could be provided in ways that do not require self-modifying code. Traditionally, pointers to internal procedures have been implemented as two parts: the address of the entry point of the internal procedure and the context in which the procedure is to be executed. In modern languages, such pointers are called "closures." Adding a way to declare closures would permit the functionality of pointers to internal procedures without putting security at risk. J3's response: There are existing implementations of this feature that do not fall afoul of the OS restrictions noted. Given this, as well as the popularity of this feature with the Fortran community, J3 will remove the feature from the language.